From 1f67d3268d1cea36487a3141d55abc759280efea Mon Sep 17 00:00:00 2001 From: Bastian Hofmann Date: Thu, 12 Nov 2020 13:50:27 +0100 Subject: [PATCH] Add documentation for the new entity ID field in the keycloak configuration The field was introduced with https://github.com/rancher/rancher/pull/29555 in 2.5.2 Signed-off-by: Bastian Hofmann --- .../authentication/keycloak/_index.md | 21 ++++++++++--------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/content/rancher/v2.x/en/admin-settings/authentication/keycloak/_index.md b/content/rancher/v2.x/en/admin-settings/authentication/keycloak/_index.md index e5859ff84b1..0425173433e 100644 --- a/content/rancher/v2.x/en/admin-settings/authentication/keycloak/_index.md +++ b/content/rancher/v2.x/en/admin-settings/authentication/keycloak/_index.md @@ -17,7 +17,7 @@ If your organization uses Keycloak Identity Provider (IdP) for user authenticati `Sign Documents` | `ON` 1 `Sign Assertions` | `ON` 1 All other `ON/OFF` Settings | `OFF` - `Client ID` | `https://yourRancherHostURL/v1-saml/keycloak/saml/metadata`2 + `Client ID` | Either `https://yourRancherHostURL/v1-saml/keycloak/saml/metadata` or the value configured in the `Entry ID Field` of the Rancher Keycloak configuration2 `Client Name` | (e.g. `rancher`) `Client Protocol` | `SAML` `Valid Redirect URI` | `https://yourRancherHostURL/v1-saml/keycloak/saml/acs` @@ -65,15 +65,16 @@ If your organization uses Keycloak Identity Provider (IdP) for user authenticati 1. Complete the **Configure Keycloak Account** form. - | Field | Description | - | ------------------------- | -------------------------------------------------------------------------------------- | - | Display Name Field | The attribute that contains the display name of users.

Example: `givenName` | - | User Name Field | The attribute that contains the user name/given name.

Example: `email` | - | UID Field | An attribute that is unique to every user.

Example: `email` | - | Groups Field | Make entries for managing group memberships.

Example: `member` | - | Rancher API Host | The URL for your Rancher Server. | - | Private Key / Certificate | A key/certificate pair to create a secure shell between Rancher and your IdP. | - | IDP-metadata | The `metadata.xml` file that you exported from your IdP server. | + | Field | Description | + | ------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- | + | Display Name Field | The attribute that contains the display name of users.

Example: `givenName` | + | User Name Field | The attribute that contains the user name/given name.

Example: `email` | + | UID Field | An attribute that is unique to every user.

Example: `email` | + | Groups Field | Make entries for managing group memberships.

Example: `member` | + | Entity ID Field | The ID that needs to be configured as a client ID in the Keycloak client.

Default: `https://yourRancherHostURL/v1-saml/keycloak/saml/metadata` | + | Rancher API Host | The URL for your Rancher Server. | + | Private Key / Certificate | A key/certificate pair to create a secure shell between Rancher and your IdP. | + | IDP-metadata | The `metadata.xml` file that you exported from your IdP server. | >**Tip:** You can generate a key/certificate pair using an openssl command. For example: >
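Review bot: in the first hunk, the new `Client ID` row calls the setting the `Entry ID Field`, while the form table in the second hunk names it `Entity ID Field`; use one name in both places so readers can find the setting. The "Either ... or" wording also reads as a free choice: the second hunk lists the metadata URL as the field's default, so the row should say that the Keycloak client ID has to equal the value of that field, and that the URL is what applies when the field keeps its default.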
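Review bot: in the second hunk, the new `Entity ID Field` row does not say which Rancher version has the field; the commit message states it was introduced in 2.5.2 and this page sits under `v2.x`, so the row should carry an availability note for readers on earlier releases. As a style point, re-padding every row to fit the longer description turns a one-row addition into 11 insertions and 10 deletions; leaving the existing column width alone would keep only the new row in the diff.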